The Unofficial VMworld Recap

I watched the Day 2 keynote from the US VMworld 2014 earlier today, and I wanted to share a few of my thoughts about the focus of the keynotes with respect to end-user computing and enabling Enterprise Mobility.

Perhaps it goes without saying up front that I love competition and believe that competition is good for everyone – especially customers.

The biggest thing I took away from today’s keynote was the stark difference between the approaches taken by Microsoft and VMware for enabling Enterprise Mobility. Much of what VMware spoke about today revolved around improving their VDI capabilities on top of their virtualization platform. This was pretty predictable since that’s right in VMware’s wheelhouse.

Right now, a lot of the vision from both Microsoft and VMware appears to be similar, e.g. enabling organizations around the world to embrace the trends of consumerization and mobility. From Microsoft’s perspective, our vision is to “Enable organization to enable their users to be productive on the devices they love, while helping the organizations be secure.” But how our two organizations are investing to deliver on this vision is very different.

At Microsoft, we are investing in a much broader set of capabilities than VMware – specifically, we are protecting at the device, app, data, and identity layers. If a solution is missing any of those four layers, you’re missing critical elements of a mobility solution. VMware is totally missing protection at the file and identity layers – and that’s a deal breaker.

Below, I’ll cover some of the key facts regarding the vast amount of work we’re doing here at Microsoft (with the Enterprise Mobility Suite and Microsoft Office) compared to the bets VMware is making.

In terms of real world success stories, Office 365 is the most visible example of a cloud service based upon AAD for directory services. AAD handles more than 13 Billion authentications per week! In fact, during the VMworld keynote, AAD processed more than 70 million authentications.

If you’re looking for a comparable identity and access management solution from VMware/AirWatch, you’ll have better luck finding a unicorn. VMware/AirWatch simply do not have an identity and access management solution. Today’s keynote didn’t mention identity or access management once. That’s a big problem for IT.

Built on Azure AD, Azure AD Premium (part of the Enterprise Mobility Suite) provides key features for managing identities across on-premises and the cloud including Multi-Factor Authentication for increased security, pre-configured single-sign-on and identity provisioning to more than 2,000 of the most popular cloud apps, and self-service password reset + group management to empower your users and reduce calls to your IT help desk. In addition to all this, one of the most interesting values of AAD Premium and the Enterprise Mobility Suite is the machine learning in the solution which enables IT to detect and block abnormal access requests.

It seems like every week there is a report of a significant security breach somewhere in the industry, and the rich identity management solution in EMS could identify and block these attacks. It is important. Really important. And VMware doesn’t even mention it in their mobility strategy.

Office 365 and the Office apps are the gold standard for business productivity, and they represent some of the most critical workloads that IT Pros need secured across their users’ devices.

Time, after time, Office was front and center in today’s keynote demos, but there was a pretty big elephant in the room (stage?) each time: VMware/AirWatch are unable to deeply and fully manage the Office apps across Windows, iOS, and Android. Only Intune and the Enterprise Mobility Suite can fully manage Office.

Back in May at TechED, we announced that, going forward, Office apps would ship with native support to be managed by Intune. Later this year, we will also be updating both Intune and the Office apps in significant ways. Intune will also be updated this year to include mobile app management for iOS and Android devices. Back in June I wrote an entire post that went through all the details.

If you use VMware/AirWatch and you want deep management of the Office productivity apps, your users will be given the Word, PowerPoint, Excel, Outlook clones that AirWatch has built. These apps don’t operate like the real Office apps from Microsoft and they lack the rich, unmistakably Office experience. You can count on document compatibility and rendering issues. IT teams have to ask themselves if they want to take their chances with separate, unproven productivity (I use that term lightly) apps from VMware/AirWatch, or do they want to breathe easy with Office 365?

Fact: Your Strategy Must Manage ALL Devices

While so much of the conversation today is about mobile devices (and despite VMware’s bold projections of a near-term future featuring mostly “just in time” desktops), let’s not forget that the majority of users in an Enterprise are using mobile devices and PCs – this is why it’s so important to ensure that PCs continue to be included in device management conversations.

Two out of three enterprise PC’s around the globe are managed via System Center Configuration Manager. Today, VMware talked a lot about desktop management – but only in the context of VDI. The keynote completely glossed over the need to manage the PCs and laptops that are in your user’s hands right now. The various presenters all made statements about VMware managing “all of your devices” – but they probably should have mentioned the asterisk to that statement which clarifies: “Unless you need to manage the distributed desktops and laptops in your organization.”

With Microsoft’s Enterprise Mobility solutions you can use the tools you have today, leverage the investments you’ve already made in Active Directory and System Center Configuration Manager (ConfigMgr) for years to come, and build a reliable foundation for the future of your business.

With Intune we have built the Mobile Device Management capabilities you would expect (e.g. full and rich support for managing Windows, iOS, and Android devices) and we’re delivering these capabilities from the cloud – but you can choose to do all your administration from the familiar ConfigMgr console you already know.

To learn more about how we have brought ConfigMgr and Intune together – I recommend checking out this post.

Application and device management can only provide so much protection for company resources. The next layer of management to consider is at the file level. To protect at the file level, you need different capabilities entirely: Tools that embed the access privileges right in the file itself. In other words, the ability to make the file self-protecting.

To enable this level of file protection, we have developed Azure Rights Management Services (Azure RMS), another component of the Enterprise Mobility Suite. With Azure RMS, the File/Save action can grant access rights to the file and those rights can be written into the file itself. In other words: The file protects itself. Microsoft is unique in being able to provide this level of protection.

When I wrote previously about Azure RMS, one of the data points I called out was that more than 70% of all the attachments that flow through Office 365 are files created from Microsoft Office or Adobe Acrobat. I didn’t see this kind of capability even hinted at in today’s keynotes. If you believe that files need to be self-protecting in the future (and I sure do), then you need the EMS – it’s the only solution on that market delivering this value.

The Enterprise Mobility Suite

The bottom line here is simple: You need to compare Microsoft’s Enterprise Mobility Suite & Office with what VMware announced today (the VMware Workspace Suite). I strongly believe that the value being delivered through the Enterprise Mobility Suite is far greater that what VMware can deliver.

Our customers’ enterprise mobility challenges – as well as the strategy elements discussed above – are top of mind here at Microsoft, and this is why we have developed our comprehensive, cost effective enterprise mobility offering. You can read about the components and practical applications of Microsoft’s mobility strategy in great detail in my ongoing “Success with Enterprise Mobility” series.

We believe these three elements are foundational to your Enterprise Mobility strategy. And I believe that Microsoft is the only organization investing in and delivering integrated solutions in all of them.

My biggest takeaway from today:

Our aggressive investment and innovation strategy will make Microsoft the clear leader in the enterprise mobility industry – both for end users and the IT Pros.

Join the conversation

Recent Posts from EMS Leaders

Everyone here in Redmond is wildly busy gearing up for Ignite next week — and I can’t remember a time I’ve been more excited to attend a tech conference. One of the reasons I’m so excited is that I have three hours set aside to do something that’s been on my to-do list for a very long time.... Read more

Howdy folks, A common request we get from our customers is to reduce the number of times users are prompted to sign into Azure AD. One way to reduce the frequency of prompts is to check the “Keep me signed in” checkbox on the sign-in flow, but our telemetry shows that usage of that checkbox is very low. But we know from talking to customers, that cutting down on the number of signin prompts is REALLY important. Nobody wants to have to signin to an app multiple times! So today I’m happy to share that we’re improving how “Keep me signed in” option is shown to users. We’re also adding intelligence to ensure users are prompted to remain signed in only when it’s safe to do so. First, as a quick refresher, here’s what the existing “Keep me signed in” experience is like. As you might guess, most users cruise right past the check box and never think twice.... Read more

Organizations are pushing forward in their digital transformations and we continue to see and hear more about what this shift means for IT. The scope of digital transformation goes beyond moving existing work to the cloud and enabling a more mobile workforce. It brings the opportunity to reimagine business from the ground up – from product offerings, to customer engagement strategies, to how to drive innovation and differentiate vs. competition. As a result, today more than ever, CIOs are being asked by their boards and other executives to weigh in on a growing number of business decisions. Almost half (46%) of CIOs in the State of the CIO survey report directly to their CEO, 61% have direct interaction with the board, and 76% are interfacing directly with customers.... Read more

Organizations are transforming how they operate in a digital world. This means seizing new opportunities quickly, reinventing business processes, and delivering greater value to customers. More important than ever are the strong and trusted relationships with the whole ecosystem in which an organization operates. This includes business partners, contractors, and of course customers. While business-to-business (B2B) and business-to-consumer (B2C) interactions may be different, sustaining both requires information security combined with intuitive user experiences.... Read more

As 2016 draws to a close, we would like to thank you for choosing Microsoft Enterprise Mobility + Security (EMS) to protect and secure your employees as you continue to digitally transform your organizations. More than 37,000 customers and over half of the Fortune 500 have now chosen EMS.... Read more